Digital Forensics for Ransomware-based Software
DOI:
https://doi.org/10.37506/mlu.v23i5.3461
Keywords:
digital forensics, ransomware, malware analysis, incident response, mitigation strategies.
Abstract
The rapid proliferation of ransomware attacks has posed significant challenges to individuals, organizations, and
society. Ransomware attacks have become increasingly prevalent as information technologies continue to evolve
and spread globally. Cybercriminals have increasingly used ransomware as a means of cyberattack, using various
methods to penetrate target computers, encrypt system data, and demand payment for user access. Security tools
such as firewalls, antivirus software, and automated analysis tools have been developed, but they have limited
effectiveness in safeguarding valuable assets stored in local or cloud storage resources. This research paper explores
the field of digital forensics as a crucial tool in combating ransomware-based software. The research focuses on
various aspects of digital forensics specific to ransomware, including malware artifacts, encryption algorithms,
and communication channels employed by ransomware strains. By leveraging a comprehensive dataset of
ransomware samples and real-world case studies, the study identifies key patterns, trends, and characteristics that
aid in attribution and forensic analysis of ransomware incidents. The research proposes a framework for effective
detection and mitigation strategies against ransomware attacks, enhancing organizations’ ability to prevent and
respond to ransomware incidents. The findings contribute to the advancement of digital forensics in
the context of ransomware-based software, providing valuable insights into the evolving tactics and techniques
employed by cybercriminals. The proposed framework equips security practitioners and law enforcement agencies
with a comprehensive set of tools and strategies to combat ransomware attacks effectively.